in systemd runlevels are basically just targets (it still sets rc?.d symlinks in /etc akaik) which have services they want and are wanted by, it’s the basis for dependency handling
plus you get cool security features like syscall filtering, capability limits, user switching, etc
Well in Void (using runit) each runlevel is just a directory with symlinks to the services.
I didn’t realize systemd had these security features (except for user/group switching, which is pretty standard). You can get those with other init systems, but it’s probably easier on systemd so I assume more people actually do it. I wonder if average distros take the time to harden their unit files.
in systemd runlevels are basically just targets (it still sets rc?.d symlinks in /etc akaik) which have services they want and are wanted by, it’s the basis for dependency handling plus you get cool security features like syscall filtering, capability limits, user switching, etc
Well in Void (using runit) each runlevel is just a directory with symlinks to the services.
I didn’t realize systemd had these security features (except for user/group switching, which is pretty standard). You can get those with other init systems, but it’s probably easier on systemd so I assume more people actually do it. I wonder if average distros take the time to harden their unit files.